easylinux/kube-prometheus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #769 from kakkoyun/ksonnet_no_more_12

Browse Source
This commit is contained in:
Paweł Krupa
2020-11-16 13:41:10 +01:00
committed by GitHub
parent aff0ef6582 c90d8a02a9
commit 09eb11bdbb
1 changed files with 105 additions and 95 deletions
Download Patch File Download Diff File Expand all files Collapse all files

198
jsonnet/kube-prometheus/ksm-autoscaler/ksm-autoscaler.libsonnet
View File

@@ -1,14 +1,7 @@
local k = import 'github.com/ksonnet/ksonnet-lib/ksonnet.beta.4/k.libsonnet';
{ {
_config+:: { _config+:: {
versions+:: { versions+:: { clusterVerticalAutoscaler: '0.8.1' },
clusterVerticalAutoscaler: "v0.8.1" imageRepos+:: { clusterVerticalAutoscaler: 'gcr.io/google_containers/cpvpa-amd64' },
},
imageRepos+:: {
clusterVerticalAutoscaler: 'gcr.io/google_containers/cpvpa-amd64'
},
kubeStateMetrics+:: { kubeStateMetrics+:: {
stepCPU: '1m', stepCPU: '1m',
@@ -16,103 +9,120 @@ local k = import 'github.com/ksonnet/ksonnet-lib/ksonnet.beta.4/k.libsonnet';
}, },
}, },
ksmAutoscaler+:: { ksmAutoscaler+:: {
clusterRole: clusterRole: {
local clusterRole = k.rbac.v1.clusterRole; apiVersion: 'rbac.authorization.k8s.io/v1',
local rulesType = clusterRole.rulesType; kind: 'ClusterRole',
metadata: { name: 'ksm-autoscaler' },
rules: [{
apiGroups: [''],
resources: ['nodes'],
verbs: ['list', 'watch'],
}],
},
local rules = [ clusterRoleBinding: {
rulesType.new() + apiVersion: 'rbac.authorization.k8s.io/v1',
rulesType.withApiGroups(['']) + kind: 'ClusterRoleBinding',
rulesType.withResources([ metadata: { name: 'ksm-autoscaler' },
'nodes', roleRef: {
]) + apiGroup: 'rbac.authorization.k8s.io',
rulesType.withVerbs(['list', 'watch']), kind: 'ClusterRole',
]; name: 'ksm-autoscaler',
},
subjects: [{ kind: 'ServiceAccount', name: 'ksm-autoscaler', namespace: $._config.namespace }],
},
clusterRole.new() + roleBinding: {
clusterRole.mixin.metadata.withName('ksm-autoscaler') + apiVersion: 'rbac.authorization.k8s.io/v1',
clusterRole.withRules(rules), kind: 'RoleBinding',
metadata: {
name: 'ksm-autoscaler',
namespace: $._config.namespace,
},
roleRef: {
apiGroup: 'rbac.authorization.k8s.io',
kind: 'Role',
name: 'ksm-autoscaler',
},
subjects: [{ kind: 'ServiceAccount', name: 'ksm-autoscaler' }],
},
clusterRoleBinding: role: {
local clusterRoleBinding = k.rbac.v1.clusterRoleBinding; apiVersion: 'rbac.authorization.k8s.io/v1',
kind: 'Role',
metadata: {
name: 'ksm-autoscaler',
namespace: $._config.namespace,
},
rules: [
{
apiGroups: ['extensions'],
resources: ['deployments'],
verbs: ['patch'],
resourceNames: ['kube-state-metrics'],
},
{
apiGroups: ['apps'],
resources: ['deployments'],
verbs: ['patch'],
resourceNames: ['kube-state-metrics'],
},
],
},
clusterRoleBinding.new() + serviceAccount: {
clusterRoleBinding.mixin.metadata.withName('ksm-autoscaler') + apiVersion: 'v1',
clusterRoleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') + kind: 'ServiceAccount',
clusterRoleBinding.mixin.roleRef.withName('ksm-autoscaler') + metadata: {
clusterRoleBinding.mixin.roleRef.mixinInstance({ kind: 'ClusterRole' }) + name: 'ksm-autoscaler',
clusterRoleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'ksm-autoscaler', namespace: $._config.namespace }]), namespace: $._config.namespace,
},
},
roleBinding:
local roleBinding = k.rbac.v1.roleBinding;
roleBinding.new() +
roleBinding.mixin.metadata.withName('ksm-autoscaler') +
roleBinding.mixin.metadata.withNamespace($._config.namespace) +
roleBinding.mixin.roleRef.withApiGroup('rbac.authorization.k8s.io') +
roleBinding.mixin.roleRef.withName('ksm-autoscaler') +
roleBinding.mixin.roleRef.mixinInstance({ kind: 'Role' }) +
roleBinding.withSubjects([{ kind: 'ServiceAccount', name: 'ksm-autoscaler' }]),
role:
local role = k.rbac.v1.role;
local rulesType = role.rulesType;
local extensionsRule = rulesType.new() +
rulesType.withApiGroups(['extensions']) +
rulesType.withResources([
'deployments',
]) +
rulesType.withVerbs(['patch']) +
rulesType.withResourceNames(['kube-state-metrics']);
local appsRule = rulesType.new() +
rulesType.withApiGroups(['apps']) +
rulesType.withResources([
'deployments',
]) +
rulesType.withVerbs(['patch']) +
rulesType.withResourceNames(['kube-state-metrics']);
local rules = [extensionsRule, appsRule];
role.new() +
role.mixin.metadata.withName('ksm-autoscaler') +
role.mixin.metadata.withNamespace($._config.namespace) +
role.withRules(rules),
serviceAccount:
local serviceAccount = k.core.v1.serviceAccount;
serviceAccount.new('ksm-autoscaler') +
serviceAccount.mixin.metadata.withNamespace($._config.namespace),
deployment: deployment:
local deployment = k.apps.v1.deployment;
local container = deployment.mixin.spec.template.spec.containersType;
local podSelector = deployment.mixin.spec.template.spec.selectorType;
local podLabels = { app: 'ksm-autoscaler' }; local podLabels = { app: 'ksm-autoscaler' };
local c = {
local kubeStateMetricsAutoscaler = name: 'ksm-autoscaler',
container.new('ksm-autoscaler', $._config.imageRepos.clusterVerticalAutoscaler + ':' + $._config.versions.clusterVerticalAutoscaler) + image: $._config.imageRepos.clusterVerticalAutoscaler + ':v' + $._config.versions.clusterVerticalAutoscaler,
container.withArgs([ args: [
'/cpvpa', '/cpvpa',
'--target=deployment/kube-state-metrics', '--target=deployment/kube-state-metrics',
'--namespace=' + $._config.namespace, '--namespace=' + $._config.namespace,
'--logtostderr=true', '--logtostderr=true',
'--poll-period-seconds=10', '--poll-period-seconds=10',
'--default-config={"kube-state-metrics":{"requests":{"cpu":{"base":"' + $._config.kubeStateMetrics.baseCPU + '","step":"' + $._config.kubeStateMetrics.stepCPU + '","nodesPerStep":1},"memory":{"base":"' + $._config.kubeStateMetrics.baseMemory + '","step":"' + $._config.kubeStateMetrics.stepMemory + '","nodesPerStep":1}},"limits":{"cpu":{"base":"' + $._config.kubeStateMetrics.baseCPU + '","step":"' + $._config.kubeStateMetrics.stepCPU + '","nodesPerStep":1},"memory":{"base":"' + $._config.kubeStateMetrics.baseMemory + '","step":"' + $._config.kubeStateMetrics.stepMemory + '","nodesPerStep":1}}}}' '--default-config={"kube-state-metrics":{"requests":{"cpu":{"base":"' + $._config.kubeStateMetrics.baseCPU + '","step":"' + $._config.kubeStateMetrics.stepCPU + '","nodesPerStep":1},"memory":{"base":"' + $._config.kubeStateMetrics.baseMemory + '","step":"' + $._config.kubeStateMetrics.stepMemory + '","nodesPerStep":1}},"limits":{"cpu":{"base":"' + $._config.kubeStateMetrics.baseCPU + '","step":"' + $._config.kubeStateMetrics.stepCPU + '","nodesPerStep":1},"memory":{"base":"' + $._config.kubeStateMetrics.baseMemory + '","step":"' + $._config.kubeStateMetrics.stepMemory + '","nodesPerStep":1}}}}',
]) + ],
container.mixin.resources.withRequests({cpu: '20m', memory: '10Mi'}); resources: {
requests: { cpu: '20m', memory: '10Mi' },
},
};
local c = [kubeStateMetricsAutoscaler]; {
apiVersion: 'apps/v1',
deployment.new('ksm-autoscaler', 1, c, podLabels) + kind: 'Deployment',
deployment.mixin.metadata.withNamespace($._config.namespace) + metadata: {
deployment.mixin.metadata.withLabels(podLabels) + name: 'ksm-autoscaler',
deployment.mixin.spec.selector.withMatchLabels(podLabels) + namespace: $._config.namespace,
deployment.mixin.spec.template.spec.withNodeSelector({ 'kubernetes.io/os': 'linux' }) + labels: podLabels,
deployment.mixin.spec.template.spec.securityContext.withRunAsNonRoot(true) + },
deployment.mixin.spec.template.spec.securityContext.withRunAsUser(65534) + spec: {
deployment.mixin.spec.template.spec.withServiceAccountName('ksm-autoscaler'), replicas: 1,
selector: { matchLabels: podLabels },
template: {
metadata: {
labels: podLabels,
},
spec: {
containers: [c],
serviceAccount: 'ksm-autoscaler',
nodeSelector: { 'kubernetes.io/os': 'linux' },
securityContext: {
runAsNonRoot: true,
runAsUser: 65534,
},
},
},
},
},
}, },
} }